JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.128.64.182

34.128.64.182 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 41%: ?

41%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	182.64.128.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.128.64.182

Whois 34.128.64.182

IP Abuse Reports for 34.128.64.182:

This IP address has been reported a total of 13 times from 11 distinct sources. 34.128.64.182 was first reported on May 28th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-30 04:38:16 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 34.128.64.182 (182.64.128.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 34.128.64.182 (182.64.128.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 00:38:10.046813 2026] [security2:error] [pid 8930:tid 8930] [client 34.128.64.182:44690] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|192.64.150.164\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "192.64.150.164"] [uri "/database.sql"] [unique_id "ahppssOfHnp8qOLVMv4EjQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 nekopavel	2026-05-29 22:24:20 (2 weeks ago)	34.128.64.182 - - [30/May/2026:00:24:17 +0200]"GET /.aws/credentials HTTP/1.1" 301 162"-" 78.69.8.25 ... show more 34.128.64.182 - - [30/May/2026:00:24:17 +0200]"GET /.aws/credentials HTTP/1.1" 301 162"-" 78.69.8.25 "Mozilla/5.0 (Linux; Android 7.1.2; Redmi 4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36""0.000" "-""Jakarta" "ID" 34.128.64.182 - - [30/May/2026:00:24:17 +0200]"GET /.aws/config HTTP/1.1" 301 162"-" 78.69.8.25 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36""0.000" "-""Jakarta" "ID" 34.128.64.182 - - [30/May/2026:00:24:17 +0200]"GET /aws_credentials.json HTTP/1.1" 301 162"-" 78.69.8.25 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.19 Safari/537.36""0.000" "-""Jakarta" "ID" ... show less	Hacking Bad Web Bot Web App Attack
Anonymous	2026-05-29 16:56:00 (2 weeks ago)	No data received but visiting server	Bad Web Bot Web App Attack
🇩🇪 hackthetime	2026-05-29 03:37:08 (3 weeks ago)	$method: /actuator/heapdump: $body	Web App Attack
🇩🇪 hackthetime	2026-05-29 03:37:08 (3 weeks ago)	Auto report for path '/actuator/env'	Web App Attack
Anonymous	2026-05-29 02:19:49 (3 weeks ago)	Aggressive web scan	Web App Attack
Anonymous	2026-05-29 02:00:04 (3 weeks ago)	\| Suspicious URL access.	Web App Attack Hacking SQL Injection
🇫🇷 dynamix	2026-05-29 00:48:44 (3 weeks ago)	Multiple WAF Violations	Web App Attack
🇨🇦 Mediashaker	2026-05-29 00:01:10 (3 weeks ago)	(CT) IP 34.128.64.182 (ID/Indonesia/182.64.128.34.bc.googleusercontent.com) found to have 714 connec ... show more (CT) IP 34.128.64.182 (ID/Indonesia/182.64.128.34.bc.googleusercontent.com) found to have 714 connections show less	DDoS Attack
🇺🇸 TPI-Abuse	2026-05-28 23:21:28 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 34.128.64.182 (182.64.128.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 34.128.64.182 (182.64.128.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 19:21:23.325272 2026] [security2:error] [pid 11277:tid 11277] [client 34.128.64.182:43772] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|192.64.150.242\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "192.64.150.242"] [uri "/dump.sql"] [unique_id "ahjN89k4EAoZzLYa_FinrAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 0xffffffff	2026-05-28 22:51:27 (3 weeks ago)	[2026-05-29 01:51:25.068990] [authz_core:error] [pid 1081739:tid 130142091638464] [client 34.128.64. ... show more [2026-05-29 01:51:25.068990] [authz_core:error] [pid 1081739:tid 130142091638464] [client 34.128.64.182:55098] AH01630: client denied by server configuration: /var/www//actuator , error_notes:wrong-host , URI:'/actuator/heapdump' [2026-05-29 01:51:25.117776] [authz_core:error] [pid 1081738:tid 130141460096704] [client 34.128.64.182:55114] AH01630: client denied by server configuration: /var/www//actuator , error_notes:wrong-host , URI:'/actuator/env' [2026-05-29 01:51:25.123172] [authz_core:error] [pid 1081739:tid 130142005360320] [client 34.128.64.182:55128] AH01630: client denied by server configuration: /var/www//actuator , error_notes:wrong-host , URI:'/actuator/configprops' [2026-05-29 01:51:25.132774] [authz_core:error] [pid 1081738:tid 130141451704000] [client 34.128.64.182:55130] AH01630: client denied by server configuration: /var/www//actuator , error_notes:wrong-host , URI:'/actuator/logfile' [2026-05-29 01:51:25.139010] [authz_core:error] [pid 1081739:tid 130141996967616] [client 34.128.64.182 show less	Web App Attack Bad Web Bot
🇳🇿 Antinson	2026-05-28 22:45:14 (3 weeks ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇦🇺 2000cn.com.au	2026-05-28 21:45:59 (3 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 207.154.234.10

🇩🇪 167.94.146.67

🇹🇭 103.230.120.88

🇫🇮 95.216.37.138

🇺🇸 47.150.134.148

🇳🇱 45.148.10.151

🇬🇧 35.203.211.176

🇬🇧 193.163.125.86

🇳🇱 176.65.148.81

🇮🇳 175.101.99.58

🇫🇮 147.185.133.170

🇨🇦 96.49.38.19

🇹🇷 85.111.68.99

🇮🇳 47.11.100.129

🇸🇨 45.194.67.147

🇨🇳 36.133.208.182

🇧🇪 34.76.145.89

🇳🇱 5.255.122.180

🇷🇴 2.57.122.177

🇺🇸 198.62.4.164